package com.atguigu.gmall.gatewey.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.reactive.CorsWebFilter;
import org.springframework.web.cors.reactive.UrlBasedCorsConfigurationSource;

@Configuration
public class CorsConfig {

    @Bean
    public CorsWebFilter corsWebFilter(){

        //cors配置对象
        CorsConfiguration configuration = new CorsConfiguration();
        //允许跨域访问的域名   一般不写 * ,不安全且不能写到cookie
        configuration.addAllowedOrigin("http://manager.gmall.com");
        configuration.addAllowedOrigin("http://www.gmall.com");
        configuration.addAllowedOrigin("http://gmall.com");
        //允许跨域访问的方式
        configuration.addAllowedMethod("*");
        //允许跨域访问携带的头信息
        configuration.addAllowedHeader("*");
        //是否允许携带cookie
        configuration.setAllowCredentials(true);


        //初始化一个配置源对象
        UrlBasedCorsConfigurationSource configurationSource = new UrlBasedCorsConfigurationSource();
        configurationSource.registerCorsConfiguration("/**",configuration);

        return new CorsWebFilter(configurationSource);
    }
}
